Mirai uses the Internet of Things (IoT) devices like routers, digital video records (DVRs), and webcams/security cameras, enslaving vast numbers of these devices into a botnet, which is then used to conduct DDoS attacks.

Chris Sullivan, General Manager of Intelligence/Analytics atCore Security Inctold HackRead that IoT devices are cheap and don’t have the necessary memory and processing power to be secured properly. This is the main reason that they are easy to hack and use for malicious purposes.

According to Chris:

“This outage appears to have resulted from a new breed of very high volume DDoS, or denial-of-service attacks, that will be difficult to handle with the defenses that most enterprises have in place today. The really frightening part of this is not that we will be struggling with these new attacks for some time, but that the underlying weakness which makes them successful can and will be used to unleash more serious attacks that steal credit cards and weapons designs, manipulate processes like the SWIFT global funds transfers, and even destroy physical things the 30,000 PCs at Saudi Aramco.

IoT devices are the very cheap computers that we use to control the heat, lights and baby monitor in your home or tell UPS when a truck needs service – some cost less than $1. Unlike your PC or your phone, IoT devices don’t have the memory and processing to be secured properly, so they are easily compromised by adversaries and it’s very difficult to detect when that happens.

This is what’s driving the new ultra-high volume DDoS attacks like we saw today. Ultra-large IoT botnets are instructed to make so many superfluous requests of the target that legitimate requests cannot get through. No real damage is done but service is denied for legitimate users. Maybe you can’t get to twitter for an hour. But these same devices also have access to what we think are highly secured corporate, nations state and defense networks. They can be used to launch attacks on those networks from the inside where all of the net-generation firewalls, intrusion prevention and user-based analytics tools won’t even see them.

Companies should move immediately to get control of this situation both to protect themselves and because, in the wake of these new high-profile events, it’s likely to be mandated by new law. What is required now is the deployment of systems that don’t try to control the IoT devices but rather watch and learn how they behave so that we can identify malicious activity and isolate them when necessary.”

It is unclear who was behind these large-scale attacks or if these attacks are connected with what we saw a couple of weeks ago directed at the OVH and Krebs’ websites. One thing is quite obvious, though. Someone was trying to take the Internet down – and they almost succeeded. Let’s all just wait for the next barrage and ponder if the Internet of Things is actually turning into the Botnet of Things.

How a DDoS attack looks like

A list of usernames and passwords included in the Mirai source code.

Let’s see what’s next and how the Internet of Things are turning into Botnet of things. At the time of publishing this article, DDoS attacks on DYN’s servers were stopped and all our sites and services were back online.

Waqas Amir is a UK-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in Milan, Italy.